You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2020/07/09 23:02:49 UTC

[cxf] 01/01: Merge branch 'master' into feature/CXF-8099_mask_sensitive_logging_elements

This is an automated email from the ASF dual-hosted git repository.

ashakirin pushed a commit to branch feature/CXF-8099_mask_sensitive_logging_elements
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit b8f66bb7c77125560d8d4091ac77258d79401613
Merge: a99ff2c 47a21d4
Author: ashakirin <49...@users.noreply.github.com>
AuthorDate: Fri Jul 10 01:02:15 2020 +0200

    Merge branch 'master' into feature/CXF-8099_mask_sensitive_logging_elements
    
    # Conflicts:
    #	rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java

 .../cxf/common/logging/RegexLoggingFilterTest.java |   3 +-
 distribution/src/main/release/samples/pom.xml      |   4 +-
 .../karaf/features/src/main/resources/features.xml |   3 +-
 parent/pom.xml                                     |  19 +++--
 pom.xml                                            |   5 --
 .../ext/logging/AbstractLoggingInterceptor.java    |   3 +-
 .../cxf/ext/logging/LoggingInInterceptor.java      |  24 ++++++
 rt/frontend/jaxrs/pom.xml                          |   4 +
 .../apache/cxf/jaxrs/model/wadl/WadlGenerator.java |  14 ++--
 .../cxf/jaxrs/model/wadl/WadlGeneratorTest.java    |   8 +-
 .../httpsignature/utils/SignatureHeaderUtils.java  |   2 +-
 rt/rs/security/oauth-parent/oauth2/pom.xml         |  10 +--
 .../grants/refresh/RefreshTokenGrantHandler.java   |   2 +-
 .../cxf/rs/security/oauth2/utils/OAuthUtils.java   |  13 +++-
 rt/rs/security/sso/oidc/pom.xml                    |  10 +--
 .../apache/cxf/transport/jms/JMSDestination.java   |   2 +-
 .../jms/util/PollingMessageListenerContainer.java  |   6 ++
 .../org/apache/cxf/sts/service/StaticService.java  |  24 ++++++
 .../apache/cxf/sts/service/StaticServiceTest.java  |  68 ++++++++++++++++
 .../apache/cxf/systest/jaxrs/AtomBookStore.java    |   3 +
 .../apache/cxf/systest/jaxrs/AtomBookStore2.java   |   3 +
 .../apache/cxf/systest/jaxrs/AtomBookStore3.java   |   3 +
 .../cxf/systest/jaxws/JaxwsAsyncFailOverTest.java  |   6 ++
 ...ncFailOverTest.java => JaxwsBasicAuthTest.java} |  86 ++++++++++++++-------
 systests/rs-security/pom.xml                       |  16 ++--
 .../grants/AuthorizationGrantNegativeTest.java     |  46 +++++++++++
 .../oauth2/grants/AuthorizationGrantTest.java      |  45 +++++++++++
 .../apache/cxf/systest/mtom/ClientMtomXopTest.java |  37 +++++++++
 .../test/resources/\346\265\213\350\257\225.bmp"   | Bin 0 -> 163166 bytes
 .../cxf/tools/wadlto/jaxrs/SourceGenerator.java    |   2 +-
 .../cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java |  22 ++++++
 .../src/test/resources/wadl/bookstoreHyphen.xml    |  46 +++++++++++
 32 files changed, 454 insertions(+), 85 deletions(-)

diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
index 104b6b4,7927359..e4375f8
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
@@@ -39,8 -34,7 +39,7 @@@ public abstract class AbstractLoggingIn
      public static final int DEFAULT_LIMIT = 48 * 1024;
      public static final int DEFAULT_THRESHOLD = -1;
      public static final String CONTENT_SUPPRESSED = "--- Content suppressed ---";
-     private static final String  LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
- 
 -    protected static final String  LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable"; 
++    protected static final String  LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
      protected int limit = DEFAULT_LIMIT;
      protected long threshold = DEFAULT_THRESHOLD;
      protected boolean logBinary;
diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
index c5da59d,a5ed555..73b72b2
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
@@@ -64,9 -83,14 +83,14 @@@ public class LoggingInInterceptor exten
      public void handleMessage(Message message) throws Fault {
          if (isLoggingDisabledNow(message)) {
              return;
+         } else {
+             //ensure only logging once for a certain message
+             //this can prevent message logging again when fault
+             //happen after PRE_INVOKE phase(rewind calls into LoggingInFaultInterceptor)
+             message.put(LIVE_LOGGING_PROP, Boolean.FALSE);
          }
          createExchangeId(message);
 -        final LogEvent event = eventMapper.map(message);
 +        final LogEvent event = eventMapper.map(message, sensitiveProtocolHeaderMap);
          if (shouldLogContent(event)) {
              addContent(message, event);
          } else {